9870467

Apparatus and Method for Implementing A Forked System Call In A System With A Protected Region

Published: January 16, 2018
Assignee: not available in USPTO data we have
Technical Abstract

Patent Claims
19 claims

Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.

Claim 1

Original Legal Text

1. At least one non-transitory machine-readable storage medium including instructions that when executed enable a system to: receive, in response to a fork operation in a parent protected region of a parent process, at a library of the parent process located in a parent non-protected region of the parent process outside of the parent protected region of the parent process, from the parent protected region of the parent process, an outside call to create a child process; and responsive to the outside call received at the library, issue by the library a first request to an operating system kernel to cause the operating system kernel to invoke execution, by a processor, of a non-secure instruction to create the child process and issue a second request to call a trusted driver to invoke execution, by the processor, of a first secure instruction to create a child protected region within the child process, wherein responsive to the first request the child process is to be created and responsive to the second request the child protected region is to be created.

Plain English Translation

This is the core claim. A parent process has a protected region (an enclave) and, outside it, a non-protected region that holds a library. When code inside the protected region performs a fork, it does not issue the system call itself; it makes an outside call to the library in the non-protected region. The library then does two things. First, it asks the operating system kernel to create the child process by executing a non-secure instruction, which is the ordinary fork path. Second, it asks a trusted driver to execute a secure instruction that creates a child protected region inside the new child process. The claim covers a storage medium holding instructions that perform this split: the kernel builds the child process, and the trusted driver builds the child's protected region.

Claim 2

Original Legal Text

2. The at least one non-transitory machine-readable storage medium of claim 1 , further including instructions that when executed enable the system, further responsive to the outside call to create the child process, to issue by the library a third request to execute, by the processor, non-secure application creation code to create child application data and child application code in the child process based on parent application data and parent application code stored in the parent process, wherein responsive to the third request the child application data and child application code are to be created within the child process.

Plain English Translation

This claim adds the non-secure half of the copy. Still in response to the outside call, the library issues a third request to execute non-secure application creation code, which creates the child's application data and application code from the parent's application data and application code held in the parent process. This is the part of the fork that behaves like an ordinary process duplication: it reproduces what lives outside the protected region. Nothing in the claim makes this step copy the contents of the protected region; those are handled by the trusted driver and, in the dependent claims that follow, by a secure link between the parent and child protected regions.

Claim 3

Original Legal Text

3. The at least one non-transitory machine-readable storage medium of claim 1 , further including instructions that when executed enable the system to, further responsive to the outside call to create the child process, issue by the library a fourth request to execute, by the processor, a library creation instruction to create a child library in the child process, the child library based on the parent library, and in response to the fourth request, the child library is to be created within the child process.

Plain English Translation

This claim adds the library itself to what is reproduced. In response to the same outside call, the library issues a fourth request to execute a library creation instruction, and the result is a child library in the child process modeled on the parent library. The child therefore gets its own copy of the non-protected library that brokers outside calls, rather than sharing the parent's.

Claim 4

Original Legal Text

4. The at least one non-transitory machine-readable storage medium of claim 1 , further including instructions that when executed enable the system to, further responsive to the outside call to create the child process, issue by the library a fifth request to execute, by the processor, a second secure instruction to create within the child process a child secure storage location that is to include a cryptographic signature substantially identical to a parent cryptographic signature stored in a parent secure storage location of the parent process, and wherein responsive to the fifth request, the child secure storage location is to be created within the child process.

Plain English Translation

This claim adds the secure metadata. The library issues a fifth request to execute a second secure instruction that creates a child secure storage location within the child process. That location holds a cryptographic signature substantially identical to the parent's signature, which sits in the parent's secure storage location. Claim 16 calls the same value a measurement, an identity for the enclave's initial contents. Placing the parent's signature in the child is what later lets the two protected regions recognize each other when a secure link is set up (claims 5 and 12). The claim states the result, a secure storage location carrying the matching signature, and leaves the transfer mechanism to the secure instruction.

Claim 5

Original Legal Text

5. The at least one non-transitory machine-readable storage medium of claim 4 , further including instructions that when executed enable the system to establish a secure link between the parent protected region and the child protected region.

Plain English Translation

This claim adds one step: a secure link is established between the parent protected region and the child protected region. The claim language is just that step and names no mechanism. Read with claim 4, which it depends on, the matching signatures in the two secure storage locations are what the regions share when the link is set up; claim 12 makes the same point in method form, where the child's secure storage location enables the link once it holds the parent's secure metadata. Everything beyond that, such as how the link is authenticated or whether its traffic is encrypted, is outside the claim.

Claim 6

Original Legal Text

6. The at least one non-transitory machine-readable storage medium of claim 5 , further including instructions that when executed enable the system to, after the secure link between the parent protected region and the child protected region is established, send a data request from the child protected region to the parent protected region, wherein responsive to the data request, the child protected region is to receive data stored in the parent protected region via the secure link.

Plain English Translation

Once the secure link exists, the child protected region sends a data request to the parent protected region, and in response the child receives data stored in the parent protected region over that link. Within the claims this link is the only path by which protected data reaches the child: the earlier dependent claims copy non-secure application data and code, the library, and the signature metadata, but not the parent protected region's contents. The child pulls what it needs from the parent after the link is established, rather than having it copied by the kernel's fork.

Claim 7

Original Legal Text

7. The at least one non-transitory machine-readable storage medium of claim 6 , further including instructions that when executed enable the system to replace use of the parent process by the child process.

Plain English Translation

This claim adds the last step: use of the parent process is replaced by the child process. The claim does not condition the replacement on the child reaching any particular state and provides no fallback to the parent; after the child has its own protected region and has received the data it requested over the secure link, it simply takes the parent's place.

Claim 8

Original Legal Text

8. A method comprising: receiving a fork command from a parent protected region of a parent process in a non-secure library of the parent process located in a parent non-protected region of the parent process, the fork command associated with creation of a child process; and responsive to receipt of the fork command, issuing by the non-secure library a first request to an operating system kernel to cause the operating system kernel to invoke a non-trusted instruction to create the child process via execution of the non-trusted instruction by a processor, and issuing a second request by the non-secure library to a trusted driver to create a child protected region within the child process via execution of a trusted instruction by the trusted driver in execution on a trusted core of the processor, wherein responsive to the first request the child process is to be created and responsive to the second request the child protected region is to be created within the child process.

Plain English Translation

This is the independent method claim; it restates claim 1 as steps and is more specific about where things run. The fork command originates inside the parent's protected region and is received by a non-secure library that sits in the parent's non-protected region. In response, the non-secure library issues a first request to the operating system kernel, which invokes a non-trusted instruction on the processor to create the child process. The library also issues a second request to a trusted driver, which executes a trusted instruction on a trusted core of the processor to create a child protected region inside that new child process. The claim does not order the two requests beyond both being responses to the fork command. The result is a child with a non-secure part built by the kernel and a protected part built by the trusted driver, with the non-secure library acting as the go-between because code inside the protected region does not make the system call itself.

Claim 9

Original Legal Text

9. The method of claim 8 , wherein the parent process and the child process are to be located in a dynamic random access memory (DRAM).

Plain English Translation

This claim adds no steps; it narrows claim 8 to the case where both the parent process and the child process are located in dynamic random access memory (DRAM). Claim 14 makes the same point for the system, where the DRAM stores the child enclave.

Claim 10

Original Legal Text

10. The method of claim 8 , further comprising responsive to receipt of the fork command, issuing by the non-secure library a third request to create non-secure child application data in the child process based on parent application data stored in a first non-secure portion of the parent process and to create non-secure child application code in the child process based on parent application code stored in a second non-secure portion of the parent process, and wherein responsive to the third request the non-secure child application data is to be created in the child process and the non-secure application code is to be created in the child process.

Plain English Translation

This is claim 2 restated for the method, with the source regions spelled out. In response to the fork command, the non-secure library issues a third request that creates non-secure child application data from parent application data held in a first non-secure portion of the parent process, and non-secure child application code from parent application code held in a second non-secure portion of the parent process. Only material from the parent's non-secure portions is named as the source for this step; the protected region is not part of it.

Claim 11

Original Legal Text

11. The method of claim 8 , further comprising responsive to receipt of the fork command, issuing a fourth request by the non-secure library to the processor to create a child non-secure library in the child process based on the parent non-secure library, wherein responsive to the fourth request the child non-secure library is to be created within a non-secure region of the child process.

Plain English Translation

This is claim 3 restated for the method. In response to the fork command, the non-secure library issues a fourth request to the processor to create a child non-secure library in the child process, based on the parent non-secure library, and that child library is placed in a non-secure region of the child process. The child thus has its own copy of the library that handles outside calls, in its own non-secure region.

Claim 12

Original Legal Text

12. The method of claim 8 , further comprising responsive to receipt of the fork command by the non-secure library, issuing a fifth request by the non-secure library to the processor to create within the child process a child secure storage location in a secure portion of the child process and associated with the child protected region, the child secure storage location based on a parent secure storage location in the parent process that is to store secure metadata associated with the parent protected region, and responsive to the fifth request, creating the child secure storage location in the secure portion of the child process, wherein the child secure storage location is to be provided with the secure metadata of the parent secure storage location, and wherein after receipt of the secure metadata the child secure storage location is to enable a secure link to be set up between the parent protected region and the child protected region.

Plain English Translation

This is claim 4 restated for the method, and it adds what the copied metadata is for. In response to the fork command, the non-secure library issues a fifth request to the processor to create a child secure storage location in a secure portion of the child process, associated with the child protected region. That location is based on the parent's secure storage location, which stores secure metadata about the parent protected region, and it is provided with that metadata. Once the child secure storage location has received the secure metadata, it is what enables a secure link to be set up between the parent protected region and the child protected region. The claim ties the link to the metadata: without the parent's metadata in the child's secure storage, there is no basis for the link.

Claim 13

Original Legal Text

13. The method of claim 12 , further comprising establishing the secure link between the parent protected region and the child protected region, issuing a data request from the child protected region via the processor to the parent protected region, and responsive to the request receiving, by the child protected region via the secure link, data stored in the parent protected region.

Plain English Translation

This is the method form of claims 5 and 6 together. The secure link between the parent protected region and the child protected region is established; the child protected region then issues a data request, via the processor, to the parent protected region; and in response the child protected region receives, over the secure link, data stored in the parent protected region.

Claim 14

Original Legal Text

14. A system comprising: a processor including at least one trusted core to execute a trusted instruction to create a child enclave that comprises a first trusted region of a child process, wherein the trusted instruction is to be invoked responsive to a call initiated by a parent enclave that comprises a first trusted region of a parent process to a parent non-trusted library that is located in a non-trusted region of the parent process, wherein the call is to instantiate the child process based on the parent process, wherein the parent non-trusted library is to issue a first request to an operating system kernel to cause the operating system kernel to invoke execution, by the processor, of a non-secure instruction to create the child process, and the parent non-trusted library is to issue a second request to call a trusted driver to invoke execution, by the processor, of the trusted instruction to create the child enclave; and a dynamic random access memory (DRAM) to store the child enclave.

Plain English Translation

This is the independent system claim. It names a processor with at least one trusted core that executes a trusted instruction to create a child enclave, the first trusted region of a child process, and a DRAM that stores the child enclave. The trusted instruction is invoked because a parent enclave, the first trusted region of a parent process, called out to the parent's non-trusted library in the parent's non-trusted region asking for a child process to be instantiated from the parent. That library issues two requests: one to the operating system kernel, which has the processor execute a non-secure instruction that creates the child process, and one to a trusted driver, which invokes the trusted instruction that creates the child enclave. Apart from naming the hardware (trusted core, DRAM), this is the same split as claims 1 and 8: the kernel builds the process, the trusted driver builds the enclave.

Claim 15

Original Legal Text

15. The system of claim 14 , wherein the processor is further to execute the non-trusted instruction to create the child process responsive to the call and to store the child process in the DRAM.

Plain English Translation

This claim adds that the processor executes the non-trusted instruction that creates the child process in response to the call, and that the child process is stored in the DRAM alongside its enclave. The claim is limited to that: which kind of instruction creates the child process and where the child process lives.

Claim 16

Original Legal Text

16. The system of claim 14 , wherein the processor is also to create a child secure storage location associated with the child enclave and located in a second trusted region of the child process, the child secure storage location based on a parent secure storage location that comprises a second trusted region of the parent process and is associated with the parent enclave and, the child secure storage location to include a measurement of the child enclave that is substantially identical to a measurement of the parent enclave that is stored in the parent secure storage location.

Plain English Translation

This claim is the system form of claims 4 and 12. The processor creates a child secure storage location associated with the child enclave and located in a second trusted region of the child process. It is based on the parent secure storage location, which is itself a second trusted region of the parent process associated with the parent enclave. The child secure storage location holds a measurement of the child enclave that is substantially identical to the measurement of the parent enclave kept in the parent secure storage location. In enclave terminology a measurement is a cryptographic digest of the enclave's initial contents and layout, so matching measurements mean the child enclave was built from the same code as the parent, which is the basis on which the two enclaves can later trust each other over the link of claim 17. A practitioner implementing the comparison should treat "substantially identical" as claim language and compare the measurements for exact equality.

Claim 17

Original Legal Text

17. The system of claim 16 , wherein the processor is to establish a trusted link between the parent enclave and the child enclave and after establishment of the trusted link the processor is to receive a data request from the child enclave and responsive to the data request, the processor is to enable data stored in the parent enclave to be sent to the child enclave via the trusted link.

Plain English Translation

This claim adds the data path, in system form. The processor establishes a trusted link between the parent enclave and the child enclave. After the link exists, the processor receives a data request from the child enclave and, in response, enables data stored in the parent enclave to be sent to the child enclave over that link. The claim does not specify how the link is protected; it fixes only the order (link first, then request, then transfer) and the direction (parent enclave to child enclave).

Claim 18

Original Legal Text

18. The system of claim 14 , wherein further responsive to the call to instantiate the child process, the processor is to create in the child process a child non-trusted library based on the parent non-trusted library by execution of the non-trusted instruction, wherein the child non-trusted library is to be located in a non-trusted region of the child process.

Plain English Translation

This claim is the system form of claims 3 and 11. In response to the call to instantiate the child process, the processor executes the non-trusted instruction to create a child non-trusted library in the child process, based on the parent non-trusted library, and places it in a non-trusted region of the child process. "Non-trusted" here is enclave terminology for code outside the enclave, such as the library that makes system calls on the enclave's behalf; it does not mean the library is hostile, only that it lies outside the trusted region and so cannot be relied on by the enclave.

Claim 19

Original Legal Text

19. The system of claim 14 , wherein further responsive to the call to instantiate the child process, the processor is to create child application code in a non-trusted region of the child process based on parent application code that is located in the non-trusted region of the parent process.

Plain English Translation

This claim is the system form of claims 2 and 10 for the code half. In response to the call to instantiate the child process, the processor creates child application code in a non-trusted region of the child process, based on parent application code located in the non-trusted region of the parent process. As with claim 18, the non-trusted region is the part of the process outside the enclave; the claim says nothing about copying trusted-region code, which under claim 14 is the trusted driver's job.
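
The following Python is an added example, not code from the patent and not any vendor's enclave SDK. It models the sequence the claims describe in all three forms (claims 1 to 7, the method of claims 8 to 13, and the system of claims 14 to 19): the enclave's outside call to an untrusted library, the library's two requests (kernel fork, trusted driver enclave creation), the copy of the parent's measurement into the child's secure storage, a secure link that is established only when the measurements match exactly, and a data request answered over that link. The names TrustedDriver, Kernel, SecureLink, fork_ocall and child_fetch, the SHA-256 measurement and the HMAC-authenticated link are assumptions of the model; the patent names none of them. All inputs are constructed.

```python
"""Constructed model of the forked-enclave sequence in the claims; class and function
names, the SHA-256 measurement and the HMAC link are assumptions, not the patent's API."""
import copy, hashlib, hmac, os
from dataclasses import dataclass, field
from typing import Optional

SECRET = b"constructed-parent-secret"              # lives only inside the parent enclave
APP_CODE, ENCLAVE_CODE, LAYOUT = b"app v1", b"enclave v1", b"pages=4"   # constructed inputs

def measure(code: bytes, layout: bytes) -> bytes:
    """Enclave measurement: digest of initial code and layout (the claims' 'measurement')."""
    return hashlib.sha256(b"enclave|" + layout + b"|" + code).digest()

@dataclass
class Enclave:
    measurement: bytes
    protected: dict = field(default_factory=dict)   # reachable only over a SecureLink

@dataclass
class Process:
    pid: int
    app_code: bytes                                  # non-secure region
    app_data: dict                                   # non-secure region
    enclave: Optional[Enclave] = None                # protected region
    secure_storage: dict = field(default_factory=dict)   # enclave metadata

class SecureLink:
    """Authenticated channel between two protected regions (assumed HMAC construction)."""
    def __init__(self, key: bytes) -> None:
        self._key = key
    def send(self, msg: bytes):
        return msg, hmac.new(self._key, msg, "sha256").digest()
    def recv(self, msg: bytes, tag: bytes) -> bytes:
        if not hmac.compare_digest(tag, hmac.new(self._key, msg, "sha256").digest()):
            raise PermissionError("secure link: bad authentication tag")
        return msg

class TrustedDriver:
    """Issues the 'secure instructions'; holds key material the non-secure side never sees."""
    def __init__(self) -> None:
        self._root = os.urandom(32)
    def create_enclave(self, proc: Process, code: bytes, layout: bytes) -> Enclave:
        proc.enclave = Enclave(measure(code, layout))
        proc.secure_storage["measurement"] = proc.enclave.measurement
        return proc.enclave
    def establish_link(self, parent: Process, child: Process) -> SecureLink:
        """Claims 5/12/17: link only if both enclaves carry the measurement the child's
        secure storage received from the parent; exact compare, never 'roughly equal'."""
        expected = child.secure_storage["expected_measurement"]
        if not (hmac.compare_digest(child.enclave.measurement, expected)
                and hmac.compare_digest(parent.enclave.measurement, expected)):
            raise PermissionError("measurement mismatch: refusing secure link")
        return SecureLink(hmac.new(self._root, b"link|" + expected, "sha256").digest())

class Kernel:
    """Non-secure fork: duplicates only the non-secure regions (claims 2, 3, 10, 11, 18, 19)."""
    next_pid = 1000
    def fork(self, parent: Process) -> Process:
        Kernel.next_pid += 1
        return Process(Kernel.next_pid, parent.app_code, copy.deepcopy(parent.app_data))

def fork_ocall(parent: Process, kernel: Kernel, driver: TrustedDriver,
               enclave_code: bytes = ENCLAVE_CODE, layout: bytes = LAYOUT) -> Process:
    """The untrusted library handling the enclave's outside call to fork (claims 1, 4, 8, 12)."""
    child = kernel.fork(parent)                      # first request: kernel creates the child
    assert child.enclave is None                     # the kernel copied no protected region
    driver.create_enclave(child, enclave_code, layout)   # second request: child enclave
    child.secure_storage["expected_measurement"] = parent.secure_storage["measurement"]
    return child

def child_fetch(parent: Process, child: Process, link: SecureLink, name: bytes) -> bytes:
    """Claims 6/13/17: the child asks over the link and the parent answers over it."""
    req, tag = link.send(b"GET " + name)             # child -> parent
    key = link.recv(req, tag)[4:]                    # parent authenticates the request
    resp, tag = link.send(parent.enclave.protected[key])   # parent -> child
    child.enclave.protected[key] = link.recv(resp, tag)    # child authenticates the reply
    return child.enclave.protected[key]

def run_fork(child_enclave_code: bytes = ENCLAVE_CODE) -> bytes:
    """Whole sequence; returns the protected value the child obtained from the parent."""
    driver, kernel = TrustedDriver(), Kernel()
    parent = Process(1, APP_CODE, {"cfg": "constructed"})
    driver.create_enclave(parent, ENCLAVE_CODE, LAYOUT)
    parent.enclave.protected[b"db_key"] = SECRET
    child = fork_ocall(parent, kernel, driver, child_enclave_code)
    link = driver.establish_link(parent, child)
    return child_fetch(parent, child, link, b"db_key")

def link_refused(child_enclave_code: bytes) -> bool:
    """True when the driver refuses to link a child enclave built from different code."""
    try:
        run_fork(child_enclave_code)
    except PermissionError:
        return True
    return False

if __name__ == "__main__":
    print("child received parent secret:", run_fork() == SECRET)
    print("tampered child refused:", link_refused(b"enclave v2"))
```

Two points the model makes concrete. The kernel's fork never touches the enclave (the child's `enclave` is `None` until the trusted driver's second request), so the only way `SECRET` reaches the child is over the link, after the measurement check. And the check is an exact, constant-time comparison: a child enclave built from `b"enclave v2"` has a different measurement and the driver refuses the link, so "substantially identical" in the claim language should be implemented as equality, not as a tolerance.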

Patent Metadata

Filing Date

Unknown

Publication Date

January 16, 2018

Inventors

Prashant Pandey
Mona Vij
Somnath Chakrabarti
Krystof C. Zmudzinski


Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, FAQs, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “Apparatus and Method for Implementing A Forked System Call In A System With A Protected Region” (9870467). https://patentable.app/patents/9870467

© 2026 Nomic Interactive Technology LLC. Machine-readable context available at /api/llm-context/9870467. See llms.txt for full attribution policy.
